A cross-site scripting (XSS) vulnerability in the add-fee.php component of Password Storage Application v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter.
References
Link | Resource |
---|---|
https://github.com/TongJinBo/BugReport/blob/main/XssBug.md | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2022-11-17 19:15
Updated : 2022-11-18 18:24
NVD link : CVE-2022-43142
Mitre link : CVE-2022-43142
CVE.ORG link : CVE-2022-43142
JSON object : View
Products Affected
password_storage_application_project
- password_storage_application
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')